Vulnerabilities

CVE-2025-22251

by Fred · 10/06/2025

An improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in FortiOS 7.6.0, 7.4.0 through 7.4.5, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an unauthenticated attacker to inject unauthorized sessions via crafted FGSP session synchronization packets.

Assigner : psirt@fortinet.com

More information : https://fortiguard.fortinet.com/psirt/FG-IR-24-287

Similar

Tags: Cybersecurity Alert